| Server IP : 103.161.17.216 / Your IP : 216.73.216.1 Web Server : nginx/1.18.0 System : Linux tipsysaigoncharming 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 User : www-data ( 33) PHP Version : 7.4.3-4ubuntu2.29 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /var/www/app.houseland.info/application/services/ |
Upload File : |
<?php
namespace app\services;
class HtmlableText
{
protected $text;
public function __construct($text)
{
$this->text = $text;
}
public function toHtml()
{
$text = $this->text;
// Do not process if the text is not a string
if (! is_string($text)) {
return '';
}
// Early return
if (empty($text)) {
return $text;
}
include_once APPPATH . 'third_party/simple_html_dom.php';
// Remove any not allowed tags
$allowedTags = array_map(fn ($tag) => "<{$tag}>", array_keys(common_allowed_html_tags()));
$text = strip_tags($text, implode(', ', $allowedTags));
// Remove any inline styles
$html = str_get_html($text);
foreach ($html->find('*[style]') as $item) {
$item->style = null;
}
foreach ($html->find('a') as $item) {
$item->setAttribute('target', '_blank');
$item->setAttribute('rel', 'nofollow');
}
$text = $html->save();
// Escape the entire text first
$text = e($text, false);
// Process each allowed tag
foreach (common_allowed_html_tags() as $tagName => $attributes) {
// Start tag, capturing attributes
$text = preg_replace_callback("/<({$tagName})(.*?)>/i", function ($matches) use ($attributes) {
// Decode the tag
$attrsString = htmlspecialchars_decode($matches[2]);
// Filter and rebuild attributes
$attrsString = preg_replace_callback('/(\w+)=("[^"]*"|\'[^\']*\')/', function ($attrMatches) use ($attributes) {
// Check if the attribute is allowed for this tag
if (in_array(strtolower($attrMatches[1]), $attributes)) {
// Return the original attribute string
return $attrMatches[0];
}
// Exclude the attribute by returning an empty string
return '';
}, $attrsString);
return "<{$matches[1]}{$attrsString}>";
}, $text);
// End tag
$text = preg_replace("/<\\/{$tagName}>/i", "</{$tagName}>", $text);
}
// Convert URLs to clickable links if they are not already in an anchor tag
$text = preg_replace_callback('/(?<!href=")(?<!href=\')(?<!src=")(?<!src=\')\b(http|https):\/\/[^\s<]+/i', function ($urlMatches) {
$url = htmlspecialchars_decode($urlMatches[0]);
return "<a href=\"{$url}\" target=\"_blank\" rel=\"nofollow\">{$url}</a>";
}, $text);
return $text;
}
}